Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4d7033d-2443-415e-b118-06f9d052957f.roa
File: c4d7033d-2443-415e-b118-06f9d052957f.roa (raw, json)
Hash identifier: xPNHJ+JY6T0Mo9nWPsBIToMo+WxIaIXgvTtkad5Ewts=
Subject key identifier: 84:12:FE:E5:AB:91:96:D3:CA:C2:B7:91:66:B0:3C:39:FD:65:FC:1E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 3D1422D55ABA119442B0269954FAD845402F2EF3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4d7033d-2443-415e-b118-06f9d052957f.roa
Signing time: Tue 28 Oct 2025 00:10:07 +0000
ROA not before: Tue 28 Oct 2025 00:10:07 +0000
ROA not after: Tue 02 Dec 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1ff8:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:14:22:d5:5a:ba:11:94:42:b0:26:99:54:fa:d8:45:40:2f:2e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 28 00:10:07 2025 GMT
Not After : Dec 2 23:59:59 2025 GMT
Subject: serialNumber=ee009ed1863a4293e79593ac8ff69095bf6b778d39e8491ede8fa324ab5e6539, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:30:01:c6:c1:cd:fe:e5:a6:c6:d7:7a:94:
e9:cb:44:0e:c3:a2:e8:43:4a:6e:d4:a9:78:6e:7a:
87:88:b9:bb:b3:f7:af:ef:59:93:4e:fb:77:7b:23:
5b:8b:8c:f4:46:29:7c:35:30:45:99:47:b9:ea:3d:
fb:53:5d:30:1d:d4:a8:40:0f:a7:71:37:3f:ed:8a:
9b:8d:04:f0:49:45:19:70:76:47:92:1d:8e:fe:bf:
66:ef:5d:c6:39:87:a5:f0:5d:a8:a6:54:ab:d5:b7:
db:ff:78:90:64:15:0b:0d:4a:1a:29:7c:fb:ff:8f:
ff:46:7d:dc:1b:0e:a4:f6:ad:fd:49:df:2e:de:c1:
f5:75:9c:5e:09:92:94:34:21:f6:1e:48:a0:64:45:
e1:74:a8:95:14:fd:03:c1:24:ee:24:88:95:7f:81:
04:0b:98:0d:92:0c:0b:af:88:d3:a6:52:88:9c:d4:
8c:d2:20:4c:e3:ac:bd:aa:48:62:90:22:8e:80:21:
86:19:ba:6d:18:be:6b:d0:64:93:11:af:e9:db:59:
b0:d0:fd:f5:8e:e8:18:91:d1:e0:78:78:f3:5d:74:
be:24:63:a8:34:f4:99:52:a8:24:1a:d6:c9:87:8e:
cc:74:63:9e:84:84:0a:1a:71:3e:11:cb:91:6c:5a:
f0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:12:FE:E5:AB:91:96:D3:CA:C2:B7:91:66:B0:3C:39:FD:65:FC:1E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4d7033d-2443-415e-b118-06f9d052957f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff8:2000::/40
Signature Algorithm: sha256WithRSAEncryption
74:11:03:45:e8:70:06:16:e4:e3:b1:3c:5b:d3:48:91:e6:c5:
31:f1:fc:bb:b4:0b:3d:64:33:4b:bc:06:ec:23:24:53:94:7a:
85:0b:b6:ad:a8:4a:34:00:b4:7d:55:42:5e:82:10:5c:7f:d3:
79:cd:d2:46:72:f3:25:e2:28:15:61:f5:d7:00:fc:82:1f:1b:
26:a1:10:55:55:4b:8a:ec:8b:95:c1:f8:af:29:5c:4f:ed:3b:
3b:59:e6:c8:2d:e3:e4:7b:78:e5:e6:50:4d:71:80:e7:06:e4:
71:01:3f:63:ab:f7:38:46:65:b9:84:6b:b7:36:51:05:be:0b:
e4:53:8f:7a:4b:93:6f:2b:66:9c:d3:8e:6c:14:51:3d:a3:c5:
6c:bd:56:28:a1:41:6f:20:50:6b:6e:8c:25:08:aa:f1:98:45:
cd:02:11:72:34:e8:44:eb:6a:1f:d7:02:fd:76:30:2e:1c:9c:
cf:e5:09:bd:22:8c:ee:51:ed:2a:e3:9a:89:4f:06:39:cf:57:
e6:1d:2f:e7:da:ab:3d:c8:a9:19:b9:82:22:1c:6c:54:33:af:
55:10:6b:66:d8:b4:77:9e:59:6e:7d:21:84:32:1b:81:02:18:
cd:6d:f4:5d:4a:c2:db:bf:8c:c1:7f:ff:2f:1d:e9:53:0d:74:
7e:c4:87:81
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUPRQi1Vq6EZRCsCaZVPrYRUAvLvMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAxMDA3WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZTAwOWVkMTg2M2E0MjkzZTc5NTkzYWM4ZmY2OTA5NWJm
NmI3NzhkMzllODQ5MWVkZThmYTMyNGFiNWU2NTM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC15zABxsHN/uWmxtd6lOnLRA7DouhDSm7UqXhueoeIubuz
96/vWZNO+3d7I1uLjPRGKXw1MEWZR7nqPftTXTAd1KhAD6dxNz/tipuNBPBJRRlw
dkeSHY7+v2bvXcY5h6XwXaimVKvVt9v/eJBkFQsNShopfPv/j/9GfdwbDqT2rf1J
3y7ewfV1nF4JkpQ0IfYeSKBkReF0qJUU/QPBJO4kiJV/gQQLmA2SDAuviNOmUoic
1IzSIEzjrL2qSGKQIo6AIYYZum0YvmvQZJMRr+nbWbDQ/fWO6BiR0eB4ePNddL4k
Y6g09JlSqCQa1smHjsx0Y56EhAoacT4Ry5FsWvCXAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUhBL+5auRltPKwreRZrA8Of1l/B4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M0ZDcwMzNkLTI0NDMtNDE1ZS1iMTE4LTA2ZjlkMDUyOTU3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/4IDANBgkqhkiG9w0BAQsFAAOCAQEAdBEDRehwBhbk47E8W9NIkebF
MfH8u7QLPWQzS7wG7CMkU5R6hQu2rahKNAC0fVVCXoIQXH/Tec3SRnLzJeIoFWH1
1wD8gh8bJqEQVVVLiuyLlcH4rylcT+07O1nmyC3j5Ht45eZQTXGA5wbkcQE/Y6v3
OEZluYRrtzZRBb4L5FOPekuTbytmnNOObBRRPaPFbL1WKKFBbyBQa26MJQiq8ZhF
zQIRcjToROtqH9cC/XYwLhycz+UJvSKM7lHtKuOaiU8GOc9X5h0v59qrPcipGbmC
IhxsVDOvVRBrZti0d55Zbn0hhDIbgQIYzW30XUrC27+MwX//Lx3pUw10fsSHgQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:03:52 2025 by rpki-client